Chapter 5 “Configuring Routing and Remote Access (RRAS) and Wireless Networking”

Thursday, February 28, 2013

 Routing is the process of transferring data across an internetwork from one LAN to another.  Routers operate at the third layer of the OSI model, the network layer, and they determine the route that data will take from the source network to the destination network.  Routers can join networks together over extended distances or join dissimilar networks, for example an Ethernet LAN to a Fiber Distributed Data Interface (FDDI) backbone.  Routing protocols can be used to transmit information about the routing topology and which routes can be reached through which router.  Some of the common protocols are, Routing Information Protocol (RIP), Routing Information Protocol version 2 (RIPv2), and Open Shortest Path First (OSPF).  Routers use routing tables to forward packets to the next destination.  When a packet arrives at the router, the router reads the destination and compares it to the information found in the routing table and then forwards the packet to the next destination based on that information.  One of the roles that Windows Server 2008 has to offer is Routing and Remote Access (RRAS).  RRAS provides many different types of remote access connectivity including Dial-Up Networking (DUN), and Virtual Private Networking (VPN), as well as allowing your Windows Server 2008 computer to act as a Network Address Translation (NAT) device.  Windows Server 2008 uses the Network Policy Server (NPS) RRAS role service as a means to check the credentials of someone trying to connect to the server.  Remote Authentication Dial-In User Service (RADIUS) is another third party authentication and authorization role service that can be used in place of NPS.  Wireless mobile devices such as smartphones, tablets, and netbooks, have created a need to secure this type of access.  To accomplish this, the Institute of Electrical and Electronics Engineers (IEEE) developed the 802.1X standard for network access control.  There are three components that 802.1X uses to provide port based security.  The Supplicant, which is the device that is attempting to gain access to the network such as a smartphone or laptop, the Authenticator, which is the component that requests credentials from supplicants, and the Authentication Server, which provides the verification of the authentication credentials.